Docs Cloud Redpanda Connect Components Processors http http Available in: Cloud, Self-Managed Performs a HTTP request using a message batch as the request body, and replaces the original message parts with the body of the response. Common Advanced # Common configuration fields, showing default values label: "" http: url: "" # No default (required) verb: POST headers: {} rate_limit: "" # No default (optional) timeout: 5s parallel: false # All configuration fields, showing default values label: "" http: url: "" # No default (required) verb: POST headers: {} metadata: include_prefixes: [] include_patterns: [] dump_request_log_level: "" # Optional oauth: enabled: false consumer_key: "" # Optional consumer_secret: "" # Optional access_token: "" # Optional access_token_secret: "" # Optional oauth2: enabled: false client_key: "" # Optional client_secret: "" # Optional token_url: "" # Optional scopes: [] endpoint_params: {} basic_auth: enabled: false username: "" # Optional password: "" # Optional jwt: enabled: false private_key_file: "" # Optional signing_method: "" # Optional claims: {} headers: {} tls: enabled: false skip_cert_verify: false enable_renegotiation: false root_cas: "" # Optional root_cas_file: "" # Optional client_certs: [] extract_headers: include_prefixes: [] include_patterns: [] rate_limit: "" # No default (optional) timeout: 5s retry_period: 1s max_retry_backoff: 300s retries: 3 follow_redirects: true backoff_on: - 429 drop_on: [] successful_on: [] proxy_url: "" # No default (optional) disable_http2: false batch_as_multipart: false parallel: false Rate limit requests You can use the rate_limit field to specify a rate limit resource, which restricts the number of requests processed service-wide, regardless of how many components you run in parallel. Dynamic URL and header settings You can set the url and headers values dynamically using function interpolations. Map payloads with the branch processor You can use the branch processor to transform or encode the payload into a specific request body format, and map the response back into the original payload instead of replacing it entirely. This example uses a branch processor to strip the request message into an empty body (request_map: 'root = ""'), grab an HTTP payload, and place the result back into the original message at the path repo.status: pipeline: processors: - branch: request_map: 'root = ""' processors: - http: url: https://hub.docker.com/v2/repositories/jeffail/benthos verb: GET headers: Content-Type: application/json result_map: 'root.repo.status = this' Response codes HTTP response codes in the 200-299 range indicate a successful response. You can use the successful_on field to add more success status codes. HTTP status codes in the 300-399 range are redirects. The follow_redirects field determines how these responses are handled. If a request returns a response code that matches an entry in: The backoff_on field, the request is retried after increasing intervals. The drop_on field, the request is immediately treated as a failure. Add metadata to errors If a request returns an error response code, this processor sets a http_status_code metadata field in the resulting message. You can use the extract_headers field to define rules for copying headers into messages generated from the response. Error handling When all retry attempts for a message are exhausted, this processor cancels the attempt. By default, the failed message continues through the pipeline unchanged unless you configure other error-handling. For example, you might want to drop failed messages or route them to a dead letter queue. For more information, see Error Handling. Fields url The URL to connect to. This field supports interpolation functions. Type: string Default: "" verb A verb to connect with. Type: string Default: POST # Examples verb: POST verb: GET verb: DELETE headers A map of headers to add to the request. This field supports interpolation functions. Type: object Default: {} # Examples headers: Content-Type: application/octet-stream traceparent: ${! tracing_span().traceparent } metadata Specify matching rules that determine which metadata keys should be added to the HTTP request as headers. Type: object metadata.include_prefixes Provide a list of explicit metadata key prefixes to match against. Type: array Default: [] # Examples include_prefixes: - kafka_ include_prefixes: - content- - user_ metadata.include_patterns Provide a list of explicit metadata key regular expression (re2) patterns to match against. Type: array Default: [] # Examples include_patterns: - .* include_patterns: - _timestamp_unix$ dump_request_log_level EXPERIMENTAL: Set the logging level for the request and response payloads of each HTTP request. Type: string Default: "" Options: TRACE , DEBUG , INFO , WARN , ERROR , FATAL oauth Allows you to specify open authentication using OAuth version 1. Type: object oauth.enabled Whether to use OAuth version 1 in requests. Type: bool Default: false oauth.consumer_key A value used to identify the client to the service provider. Type: string Default: "" oauth.consumer_secret A secret used to establish ownership of the consumer key. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Manage Secrets before adding it to your configuration. Type: string Default: "" oauth.access_token The value used to gain access to the protected resources on behalf of the user. Type: string Default: "" oauth.access_token_secret The secret that establishes ownership of the oauth.access_token. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Manage Secrets before adding it to your configuration. Type: string Default: "" oauth2 Allows you to specify open authentication via OAuth version 2 and the client credentials token flow. Type: object oauth2.enabled Whether to use OAuth version 2 in requests. Type: bool Default: false oauth2.client_key A value used to identify the client to the token provider. Type: string Default: "" oauth2.client_secret The secret used to establish ownership of the client key. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Manage Secrets before adding it to your configuration. Type: string Default: "" oauth2.token_url The URL of the token provider. Type: string Default: "" oauth2.scopes A list of requested permissions (optional). Type: array Default: [] oauth2.endpoint_params A list of endpoint parameters specified as arrays of strings (optional). Type: object Default: {} # Examples endpoint_params: grant_type: - client_credentials audience: - https://api.example.com/ - https://api.example.com/resource basic_auth Allows you to specify basic authentication. Type: object basic_auth.enabled Whether to use basic authentication in requests. Type: bool Default: false basic_auth.username A username to authenticate as. Type: string Default: "" basic_auth.password A password to authenticate with. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Manage Secrets before adding it to your configuration. Type: string Default: "" jwt BETA: Allows you to specify JSON Web Token (JWT) authentication. Type: object jwt.enabled Whether to use JWT authentication in requests. Type: bool Default: false jwt.private_key_file A file with the PEM encoded using PKCS1 or PKCS8 as private key. Type: string Default: "" jwt.signing_method A method used to sign the token, such as RS256, RS384, RS512 or EdDSA. Type: string Default: "" jwt.claims A value used to identify the claims that issued the JWT. Type: object Default: {} jwt.headers Add key/value headers to the JWT (optional). Type: object Default: {} tls Override system defaults with custom TLS settings. Type: object tls.enabled Whether custom TLS settings are enabled. Type: bool Default: false tls.skip_cert_verify Whether to skip server-side certificate verification. Type: bool Default: false tls.enable_renegotiation Whether to allow the remote server to repeatedly request renegotiation. Enable this option if you’re seeing the error message local error: tls: no renegotiation. Type: bool Default: false tls.root_cas Specify a root certificate authority to use (optional). This is a string, representing a certificate chain from the parent-trusted root certificate, through possible intermediate signing certificates, to the host certificate. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Manage Secrets before adding it to your configuration. Type: string Default: "" # Examples root_cas: |- -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- tls.root_cas_file Specify the path to a root certificate authority file (optional). This is a file, often with a .pem extension, which contains a certificate chain from the parent-trusted root certificate, through possible intermediate signing certificates, to the host certificate. Type: string Default: "" # Examples root_cas_file: ./root_cas.pem tls.client_certs A list of client certificates to use. For each certificate, specify values for either the cert and key fields, or cert_file and key_file fields. Type: array Default: [] # Examples client_certs: - cert: foo key: bar client_certs: - cert_file: ./example.pem key_file: ./example.key tls.client_certs[].cert The plain text certificate to use. Type: string Default: "" tls.client_certs[].key The plain text certificate key to use. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Manage Secrets before adding it to your configuration. Type: string Default: "" tls.client_certs[].cert_file The path of a certificate to use. Type: string Default: "" tls.client_certs[].key_file The path of a certificate key to use. Type: string Default: "" tls.client_certs[].password A plain text password for when the private key is password encrypted in PKCS#1 or PKCS#8 format. The obsolete pbeWithMD5AndDES-CBC algorithm is not supported for the PKCS#8 format. The pbeWithMD5AndDES-CBC algorithm does not authenticate ciphertext, and is vulnerable to padding oracle attacks that may allow an attacker to recover the plain text password. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Manage Secrets before adding it to your configuration. Type: string Default: "" # Examples password: foo password: ${KEY_PASSWORD} extract_headers Specify which response headers to add to the resulting messages as metadata. Header keys are automatically converted to lowercase before matching, so make sure that your patterns target the lowercase versions of the expected header keys. Type: object extract_headers.include_prefixes Provide a list of explicit metadata key prefixes to match against. Type: array Default: [] # Examples include_prefixes: - foo_ - bar_ include_prefixes: - kafka_ include_prefixes: - content- extract_headers.include_patterns Provide a list of explicit metadata key regular expression (re2) patterns to match against. Type: array Default: [] # Examples include_patterns: - .* include_patterns: - _timestamp_unix$ rate_limit A rate limit to throttle requests by (optional). Type: string timeout A static timeout to apply to requests. Type: string Default: 5s retry_period The initial period to wait between failed requests before retrying. Type: string Default: 1s max_retry_backoff The maximum period to wait between failed requests. Type: string Default: 300s retries The maximum number of retry attempts to make. Type: int Default: 3 follow_redirects Whether to follow redirects, including all responses with HTTP status codes in the 300-399 range. If set to false, the response message includes only the body, status, and headers from the redirect response, and this processor does not make a request to the URL specified in the Location header. Type: bool Default: true backoff_on A list of status codes that indicate a request failure, and trigger retries with an increasing backoff period between attempts. Type: array Default: [429] drop_on A list of status codes that indicate a request failure, where the input should not attempt retries. This helps avoid unnecessary retries for requests that are unlikely to succeed. In these cases, the request is dropped, but the message that triggered the request is retained. Type: array Default: [] successful_on A list of HTTP status codes that should be considered as successful, even if they are not 2XX codes. This is useful for handling cases where non-2XX codes indicate that the request was processed successfully, such as 303 See Other or 409 Conflict. By default, all 2XX codes are considered successful unless they are specified in backoff_on or drop_on fields. Type: array Default: [] proxy_url A HTTP proxy URL (optional). Type: string disable_http2 Whether to disable HTTP/2. By default, HTTP/2 is enabled. Type: bool Default: false batch_as_multipart When set to true, sends all message in a batch as a single request using RFC1341. When set to false, sends messages in a batch as individual requests. Type: bool Default: false parallel When processing batched messages, this field determines whether messages in the batch are sent in parallel. If set to false, messages are sent serially. Type: bool Default: false Back to top × Simple online edits For simple changes, such as fixing a typo, you can edit the content directly on GitHub. Edit on GitHub Or, open an issue to let us know about something that you want us to change. Open an issue Contribution guide For extensive content updates, or if you prefer to work locally, read our contribution guide . Was this helpful? thumb_up thumb_down group Ask in the community mail Share your feedback group_add Make a contribution 🎉 Thanks for your feedback! group_by_value insert_part